A variety of sensitive data may be encountered by a computing device in a variety of different ways. For example, a computing device may be used to store data, communicate data over a network, and so on. Additionally, this data may be quite valuable, and therefore targeted by malicious parties. Conventional techniques that were utilized to protect this data, however, may limit the type of access control rule that can be implemented, or involve storage of a vast amount of cryptographic keys. For example, an organization's data may include a large number of files shares, access to each of which is independently managed and thus may involve use of large numbers of keys in order to support desirable security properties. This traditionally resulted in complicated storage and communication techniques, especially when confronted with a large variety of data that is to be encrypted and/or decrypted separately.